Servicing

Servicing is a functional requirement, mandated by the Quality System Regulation, and often overlooked by device manufacturers. Though 21 CFR, Part 820.200 is often associated with capital equipment, manufacturers of disposable medical devices still must consider the requirement. It really is a mission critical assignment to provide adequate servicing for equipment deployed in healthcare facilities, while ensuring all of the relevant servicing activities are recorded, tracked trended, analyzed, etc.

Share this:

Servicing is a functional requirement, mandated by the Quality System Regulation (QSR), and often overlooked by device manufacturers. Granted, 21 CFR, Part 820.200 is often associated with capital equipment; however, manufacturers of disposable medical devices still must consider the requirement.

As with all aspects of the QSR, a written procedure is required, delineating a device manufacturer’s steps for compliance with the requirement. If servicing is not relevant for the device manufacturer, written rationale as to why servicing is not a requirement should still be generated.

As many of you already know, Dr. D is always preaching to the choir in regards to compliance. The doctor, being a precentor (look-it up) of compliance to regulations for the medical device industry, strongly believes in the need for well-written procedures and written rationales to support ongoing compliance to the QSR and other mandated regulatory requirements, required to participate in the device industry. Written procedures supporting compliance with the mandated industry regulations should be considered the price of admission.

Warning letter violations Dr. D spent a significant amount of time searching FDA’s warning-letter database in search of enforcement actions depicting compliance issues due to servicing. I was able to locate two violators of the QSR, with each being duly rewarded with a warning letter. Each violator had one common problem: failure to establish and maintain procedures. Device manufacturers need to remember that it is an ineluctable (look-it up if you must) fact that you will receive Form 483s and potentially warning letters for not establishing procedures. As Dr. D has often stated, compliance to DG Rule # 6 is not an option; “All procedures, work instructions, drawings, specifications, etc. must be written, well-documented, and controlled within a defined document control system.”

The second warning-letter recipient clearly endeared their organization with the agency, as evidenced by two of their ten observations, noted in the warning letter, rooted in servicing issues. Not only did this device manufacturer fail to establish procedures for servicing, the servicing reports being collected from the field were not being appropriately analyzed employing statistical techniques. Although the doctor has not leaped onto his soapbox too much in regards to the importance of analyzing collected data, what is the point of data collection if the results are not analyzed, trended, and if necessary, do not drive change?

Warning Letter Two (May 2009): Observation 7 of 10 – Failure to establish and maintain instructions and procedures for performing and verifying that the servicing meets specified requirements, as required by 21 CFR 820.200(a). Specifically, your firm does not have any procedures for servicing.

Observation 8 of 10 – Failure to analyze service reports with appropriate statistical methodology, as required by 21 CFR 820.200(b). Specifically, your firm does, not have any procedures for analyzing service reports. In addition, the service reports were not analyzed following appropriate statistical methods.

(a) Where servicing is a specified requirement, each manufacturer shall establish and maintain instructions and procedures for performing and verifying that the servicing meets the specified requirements.

(b) Each manufacturer shall analyze service reports with appropriate statistical methodology in accordance with 820.100.

(c) Each manufacturer who receives a service report that represents an event which must be reported to FDA under part 803 of this chapter shall automatically consider the report a complaint and shall process it in accordance with the requirements of 820.198.

(d) Service reports shall be documented and shall include:

The name of the device serviced;

Any device identification(s) and control number(s) used;

The date of service;

The individual(s) servicing the device;

The service performed; and

The test and inspection data.

Servicing Not wanting to state the obvious but obliged to do so, section 820.200 is divided into four subsections (a through d). In the eyes of FDA, there is sufficient granularity delineated within the servicing section for device manufacturers to develop a procedure, or if necessary, a set of procedures, incorporating servicing into their quality model. Remember, depending on the nature of the device being distributed into the US markets, a full-blown procedure may not be required; however, device manufacturers are compelled to at least develop a procedure and written rationale as to why the servicing requirement is not relevant to their business model. Dr. D strongly believes that there are no such animals as minimum-level of compliance or maximum-level of compliance. There is only compliance, period!

Establish and maintain instructions and procedures The first section of the servicing requirement defines the necessity for device manufacturers to establish servicing, with the caveat that states, “Where servicing is a specific requirement.” As Dr. D stated in the previous section establishing procedures is a salient requirement. Even though the agency has given device manufacturers the proverbial “get-out-of-jail free card” a written procedure, albeit brief, is strongly recommended for device manufacturers that claim servicing is not specific requirement. One of Dr. D’s favorite mantras is and will continue to be; “documented evidence of compliance is a device manufacturer’s best defense during an FDA inspection.”

Not wanting to state the obvious but obliged to do so, section 820.200 is divided into four subsections (a through d). In the eyes of FDA, there is sufficient granularity delineated within the servicing section for device manufacturers to develop a procedure, or if necessary, a set of procedures, incorporating servicing into their quality model. Remember, depending on the nature of the device being distributed into the US markets, a full-blown procedure may not be required; however, device manufacturers are compelled to at least develop a procedure and written rationale as to why the servicing requirement is not relevant to their business model. Dr. D strongly believes that there are no such animals as minimum-level of compliance or maximum-level of compliance. There is only compliance, period!The first section of the servicing requirement defines the necessity for device manufacturers to establish servicing, with the caveat that states, “Where servicing is a specific requirement.” As Dr. D stated in the previous section establishing procedures is a salient requirement. Even though the agency has given device manufacturers the proverbial “get-out-of-jail free card” a written procedure, albeit brief, is strongly recommended for device manufacturers that claim servicing is not specific requirement. One of Dr. D’s favorite mantras is and will continue to be; “documented evidence of compliance is a device manufacturer’s best defense during an FDA inspection.”

Analyze service reportsThe second salient requirement of the servicing regulation is the actual analysis of the service reports employing recognized statistical methodologies. The bottom-line requirement for service reports is extremely elementary. The reports contain data; and data screams to be analyzed. Besides, who wants to sit across from your friendly FDA investigator and attempt to explain that your organization collected data just for the sake of having data? What would be the point? Exactly, there would be no point, so just be prepared to ask, where do I sign the Form 483.

Event reportingThe third salient requirement of the servicing regulation is that, if during the review of a service report it has been determined an adverse event has occurred (serious patient injury or death) the servicing record needs to be captured and recorded as a complaint that is reportable. Complaints shall be managed in accordance with 820.198. If you need a refresher on complaint management requirements, Dr. D would like to suggest rereading the previous three editions of DG, which delineated the requirements of an effective complaint-management system. Additionally, servicing records logged as complaints, and where the adverse events are deemed reportable, the events shall be reported to the agency in accordance with 21 CFR, Part 803. The form employed for reporting adverse events, Form 3500(a) can be downloaded from FDA’s website. Furthermore, electronic reporting is now the preferred methodology of the agency.

Service reports Similar to other record requirements associated with the QSR, there are specific deliverables associated with service reports. The QSR mandates that at least six (6) pieces of information be collected and retained as part of ongoing compliance with the servicing requirements. These salient pieces of information are:

The actual name of the device that was serviced (preferably the registered legal name);

Device identification and control number (e.g., unit serial number);

The date the service was actually performed (self explanatory – the doctor hopes);

The name of the individual performing the service (recommend capturing the name of the individual’s organization if it is different from the manufacturer);

The nature of the service performed (self explanatory); and

The actual inspection and/or test reports associated with the service (evidence that the service occurred and the piece of equipment is functioning within specification).

Although not specifically delineated within the regulation, Dr. D recommends capturing additional information such as: (a) location of the unit being serviced; (b) reason behind the service call; (c) point of contact; (d) list of components replaced; (e) revision of software loaded; (f) operating hours, if captured by a meter on the piece of equipment being serviced; and (g) if the servicing was being performed during a full or blue moon (just kidding about the moon). These additional pieces of information, specifically information that modifies the as-built or as-shipped configuration should find its way back to the Device History Record (DHR). Additionally, if servicing is being performed to incorporate specific design changes, these should be captured in the Design History File (DHF). Furthermore, make sure these changes have been validated, and received the appropriate level of regulatory review and approval, including FDA, if deemed appropriate.

TakeawaysOne of the reason the QSR has a servicing requirement, other than the obvious patient and user safety and efficacy, is to protect end users from the infamous red-light guarantee, a.k.a., as long as you see the red-tail lights of the shipping truck, the equipment is guaranteed to function. All kidding aside, it really is a mission critical assignment to provide adequate servicing for equipment deployed in healthcare facilities, while ensuring all of the relevant servicing activities are recorded, tracked trended, analyzed, etc.

Additionally, keeping track of changes to configuration becomes a daunting task if record keeping is poor. Dr. D has first hand experience in executing recalls (there is that dirty six-letter word again), because inadequate servicing records placed into question the actual configuration of equipment released into distribution. The root of the recall was nestled in record accuracy and ineffective management of service records. That said, unlike tossing a hand grenade, or the cliché “close but no cigars” record accuracy counts.

In closing, thank you again for joining Dr. D and I hope you find value in the guidance provided. Until the next installment of DG, when I begin providing guidance for Subpart – O (Statistical Techniques), specifically 820.250 – cheers from Dr. D. and best wishes for continued professional success.

Share this:

Related Articles

When your friends from the agency stop by for that friendly cup of coffee and an inspection, they will ask to see DMRs and, eventually, review DHRs to verify finished medical devices are being properly manufactured.

Well (deep subject, the doctor knows), I know many of the readers were wondering about Dr. D’s next series. The doctor really wanted to make this next series an enjoyable surprise. That being said, surprise, surprise, surprise (thank you Gomer…

What is the responsibility of the design owner? What level of accountability does the supplier have? What follow-up actions must a supplier take? A variety of best practices need to be driven forward by both suppliers and OEMs in an…

About The Author

Dr. Christopher Joseph Devine is the President of Devine Guidance International, a consulting firm specializing in providing solutions for regulatory compliance, quality, supplier management, and supply-chain issues facing the device industry. Dr. Devine has 32 years of experience in quality assurance, regulatory compliance and program management. He is a senior member of the American Society for Quality (ASQ), a member of the Regulatory Affairs Professionals Society (RAPS), and a member of the Project Management Institute, and resides on several technical advisory boards. Dr. Devine received his doctorate from Northcentral University, with his doctoral dissertation titled, “Exploring the Effectiveness of Defensive-Receiving Inspection for Medical Device Manufacturers: A Mixed-Method Study.” Dr. Devine holds a graduate degree in organizational management (MAOM) and an undergraduate degree in business management (BSBM).

Upcoming Events & Webinars

Deficiencies in process validation and other aspects of production and process control earn more FDA enforcement actions than any other quality function except CAPA. This two-day workshop addresses key issues in process validation, including risk-based determination of processes to be validated, FDA and 13485:2016 requirements, key process validation elements and best practices, statistical and other tools, maintaining the validated state, and documentation.

The medical technology industry is witnessing a growing number of mergers and acquisitions, and poses a unique set of challenges when it comes to due diligence. This interactive conference, mixing didactic sessions with discussion and case studies, is led by senior industry professionals who have gone through mergers and acquisitions and seen both the good and the bad, focuses on those issues unique to medical technology companies.

Rules and procedures for import and export of medical devices are growing more so with new rules and with changes in international trade agreements. Customs and FDA have been requesting more information and conducting more inspections and examinations than before. Mistakes in procedures or documentation can lead to withheld or seized shipments and consequent financial lost to U.S. and foreign manufacturers, suppliers, and brokers. This one-day program with speakers from government, industry, and consulting firms will cover the laws and regulations, recent changes, procedures, best practices, and common mistakes.

The regulations are there for anyone to read, but even the largest, best-prepared companies have large teams struggling with implementation. There is no easy answer, but we are all in this together, and by pooling thoughts and solutions can expedite the process for everyone. This two-day workshop convenes experts from major companies, notified bodies, and consulting firms to share strategies, procedures, experiences, and challenges.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

You can adjust all of your cookie settings by navigating the tabs on the left hand side.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

We use tracking pixels that set your arrival time at our website, this is used as part of our anti-spam and security measures. Disabling this tracking pixel would disable some of our security measures, and is therefore considered necessary for the safe operation of the website. This tracking pixel is cleared from your system when you delete files in your history.

We also use cookies to store your preferences regarding the setting of 3rd Party Cookies.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Tracking Beacon

We also use a Tracking Beacon from our email services provider Act-On that allows us to track interest in articles and subject areas of interest to our Newsletter Subscribers.

Keeping this beacon enabled helps us in deciding the topics that are of interest to our Newsletter Subscribers.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Cookie Policy

A browser cookie is a small piece of data that is stored on your device to help websites and mobile apps remember things about you. Other technologies, including Web storage and identifiers associated with your device, may be used for similar purposes. In this policy, we say “cookies” to discuss all of these technologies.

Our Privacy Policy explains how we collect and use information from and about you when you use This website and certain other Innovative Publishing Co LLC services. This policy explains more about how we use cookies and your related choices.

How We Use Cookies

Data generated from cookies and other behavioral tracking technology is not made available to any outside parties, and is only used in the aggregate to make editorial decisions for the websites. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent by visiting this Cookies Policy page. If your cookies are disabled in the browser, neither the tracking cookie nor the preference cookie is set, and you are in effect opted-out.

In other cases, our advertisers request to use third-party tracking to verify our ad delivery, or to remarket their products and/or services to you on other websites. You may opt-out of these tracking pixels by adjusting the Do Not Track settings in your browser, or by visiting the Network Advertising Initiative Opt Out page.

You have control over whether, how, and when cookies and other tracking technologies are installed on your devices. Although each browser is different, most browsers enable their users to access and edit their cookie preferences in their browser settings. The rejection or disabling of some cookies may impact certain features of the site or to cause some of the website’s services not to function properly.

Individuals may opt-out of 3rd Party Cookies used on IPC websites by adjusting your cookie preferences through this Cookie Preferences tool, or by setting web browser settings to refuse cookies and similar tracking mechanisms. Please note that web browsers operate using different identifiers. As such, you must adjust your settings in each web browser and for each computer or device on which you would like to opt-out on. Further, if you simply delete your cookies, you will need to remove cookies from your device after every visit to the websites. You may download a browser plugin that will help you maintain your opt-out choices by visiting www.aboutads.info/pmc. You may block cookies entirely by disabling cookie use in your browser or by setting your browser to ask for your permission before setting a cookie. Blocking cookies entirely may cause some websites to work incorrectly or less effectively.

The use of online tracking mechanisms by third parties is subject to those third parties’ own privacy policies, and not this Policy. If you prefer to prevent third parties from setting and accessing cookies on your computer, you may set your browser to block all cookies. Additionally, you may remove yourself from the targeted advertising of companies within the Network Advertising Initiative by opting out here, or of companies participating in the Digital Advertising Alliance program by opting out here.